package com.fbli.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

@Controller
public class loginController {
    @RequestMapping("/toMian")
    //根据角色判断，必须以ROLE_开头，区分大小写
    //@Secured("ROLE_abc")
    //执行之前判断，access表达式，不仅可以忽略ROLE_,也可以写上，严格区分大小写
    @PreAuthorize("hasRole('abc')")
    public String toMian(){
        return "redirect:main.html";
    }
    @RequestMapping("/toError")
    public String toError(){
        return "redirect:error.html";
    }
    @RequestMapping("/test")
    @ResponseBody
    public String test(){
        return "测试异常";
    }
}
